Full Disclosure mailing list archives

RE: FW: [Fwd: Re: AIM Password theft]

From: "Bassett, Mark" <mbassett () omaha com>
Date: Wed, 24 Sep 2003 09:57:57 -0500

-----Original Message-----
From: Thor Larholm 
Sent: Tuesday, September 23, 2003 2:06 PM
Subject: RE: [Fwd: Re: AIM Password theft]

This is just a simple exploit utilizing the Object Data vulnerability
discovered by Drew Copley, coupled with the GreyMagic no-script HTML
rendering as demonstrated earlier on this list and others by jelmer.

Tell your user to go install MS03-032, which he obviously did not do as
MS03-032 patches this vulnerability. MS03-032 was released on August 20
and you can find it at

http://www.microsoft.com/technet/security/bulletin/MS03-032.asp
--------------------------

Actually the MS03-032 patch doesn't stop the object data vulnerability.

Check it here... http://www.secunia.com/MS03-032/
I am patched with MS03-032 ( Q822925 ) but am still vulnerable.

Possibly the particular version at haxr.org is the exploit that the
patch
fixes but if it is, it could easily be modified to the vuln that still
works.  Only way to really stop it is kill your activex scripting for
untrusted sites.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

FW: [Fwd: Re: AIM Password theft] Thor Larholm (Sep 23)
- Re: FW: [Fwd: Re: AIM Password theft] w g (Sep 23)
- <Possible follow-ups>
- RE: FW: [Fwd: Re: AIM Password theft] Bassett, Mark (Sep 24)
  - Re: FW: [Fwd: Re: AIM Password theft] Valdis . Kletnieks (Sep 24)
- RE: FW: [Fwd: Re: AIM Password theft] Thor Larholm (Sep 24)